<?php
$header_msg = "writin' blags arr we?";
include_once('header.inc');
require_once('db.php');

if (!empty($_SESSION['USER_ID'])) {
	if ((!empty($_POST['entrytext']))
		&& (!empty($_POST['entrytitle']))) {
//		echo "<P>Sending to database</P>";
		$sql = 'INSERT INTO `blogentries` (user_id, created_date, title, entry)
			VALUES (?, ?, ?, ?)';
		$execsql = $eebsdb->prepare($sql);
		$execsql->execute(array($_SESSION['USER_ID'], time(), $_POST['entrytitle'],
			$_POST['entrytext']))
			or die('database blogentry insert unsuccessfull');
		$poststatement = $eebsdb->query("SELECT `id` FROM `blogentries`
			WHERE `user_id`='".$_SESSION['USER_ID']."'
			AND `title`='".$_POST['entrytitle']."'");
		$currpost = $poststatement->fetch();
		Header('Location: ./readblog.php?blognumber='.$currpost['id']);
		}
?>
	<form method="post" action="newblogentry.php">
		<label for="entrytitle">Title: </label>
			<input type="text" name="entrytitle" title="title-really?"><br/>
		<label for="entrytext">Entry: </label>
			<TEXTAREA NAME="entrytext" COLS=40 ROWS=5 WRAP="VIRTUAL">
			</TEXTAREA><P><br/>
		<input type="submit" value="Submit entry"/>
	</form>
<?php
include_once('footer.inc');
}
else {
 // this is where logged in userland ends
?>
<BODY>
<P>
	only logged in users have read/write/edit permissions here, please
	<A HREF="login.php">log in</A> or <A HREF="login.php">register</A>.
</P>
<?php
}
?>
